Caesar & Vigenère
Walk through the substitution ciphers that taught the world to think about keys. Includes a frequency-analysis attacker that breaks them in your browser.
A growing collection of small, working applications that make cryptography tangible — from Caesar ciphers to lattice-based key encapsulation. Source on GitHub. Guides on this site. No accounts. No paywalls.
This site is a teaching workbench. Each app is small enough to read in an afternoon and substantial enough to demonstrate something real — a Vigenère cipher, an authenticated stream, a Diffie-Hellman handshake, a hybrid post-quantum key exchange.
The code lives on GitHub under permissive licenses. The guides on this site walk through the math, the protocol, and the security story. Run the apps, break them, fork them, ship them.
Built and maintained by a working cryptographer who'd rather you learned the primitives than memorized the marketing. Everything here is free. There is nothing to sign up for.
Walk through the substitution ciphers that taught the world to think about keys. Includes a frequency-analysis attacker that breaks them in your browser.
Step through every round of AES-128 — SubBytes, ShiftRows, MixColumns, AddRoundKey — with the state matrix updating live. GCM mode included.
Generate keys, sign messages, exchange secrets. Watch the modular arithmetic of RSA and the curve point multiplication of ECDH P-256 unfold one operation at a time.
The new NIST standards. Encapsulate a shared secret with lattice cryptography (FIPS 203) and sign a message with module-lattice signatures (FIPS 204).
The transitional handshake the internet is converging on. Combine a classical curve with a lattice KEM and derive a single shared secret through HKDF.
Watch the Merkle-Damgård and sponge constructions chew through messages. Build an HMAC by hand. Test collision resistance with a birthday-attack simulator.
Each one is self-contained. Start with the classical ciphers if cryptography is new to you; jump to ML-KEM if it isn't. The order roughly tracks the history of the field.
Every app has a written guide on this site that explains the primitive, walks through the code, and points out the failure modes. Roughly twenty minutes each.
Source is on GitHub. Clone it, run it locally, change a parameter, watch it fail. The point isn't that the code works — it's that you understand why it works.